﻿<% @ Language=VBScript %>
<% Option Explicit %>

<!--#include file="includes/hash1way.asp" -->
<!--#include file="includes/database.asp" -->
<!--#include file="includes/global_varaiable.asp" -->


<!--#include file="header.asp"-->

<script language="javascript" src="staff_add_ajax.js" type="text/javascript"></script>

<script>
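/**
 * Client-side pre-submit check for the frmReg staff form.
 *
 * Collects every missing required field into one alert, then runs a basic
 * shape check on the e-mail address. Returns true only when all checks pass,
 * which lets the form's onsubmit handler continue.
 *
 * This runs in the browser and can be skipped by anyone who posts to the
 * handler directly, so it is a convenience for the user, not a security
 * control. In particular the apostrophe check on the username does not
 * protect the SQL statement built on the server; the server must validate
 * and bind every value itself.
 *
 * @returns {boolean} true when the form may be submitted, false otherwise.
 */
function CheckfrmReg() {
	var frm = document.frmReg;
	var blnValid = true;
	var msg = 'Bạn chưa nhập đầy đủ thông tin, vui lòng kiểm tra những mục dưới đây:';

	// Required fields: each failure adds one line to the summary message.
	if (frm.usr.value == "") {
		blnValid = false;
		msg += '\n- Username';
	}
	// An apostrophe in the username is reported as a username problem.
	if (frm.usr.value.indexOf("'") != -1) {
		blnValid = false;
		msg += '\n- Username';
	}
	if (frm.pwd.value == "") {
		blnValid = false;
		msg += '\n- Password';
	}
	if (frm.fullname.value == "") {
		blnValid = false;
		msg += '\n- Tên';
	}
	if (frm.email.value == "") {
		blnValid = false;
		msg += '\n- Email';
	}
	if (frm.phone.value == "") {
		blnValid = false;
		msg += '\n- Điện thoại';
	}
	if (frm.add.value == "") {
		blnValid = false;
		msg += '\n- Địa chỉ';
	}
	if (!blnValid) alert(msg);

	// E-mail check: an empty address gets its own prompt.
	var email = frm.email.value;
	if (email == "") {
		alert("Vui lòng nhập địa chỉ email!");
		frm.email.focus();
		return false;
	}

	// Reject addresses with a space, without "@", with nothing after the first
	// "@", without a "." in that part, or with an empty second dot-separated
	// label. The parts are locals now: the earlier code assigned validarr and
	// validemail without declaring them, which leaked two globals and throws
	// in strict mode.
	var emailOk = email.indexOf(" ") == -1 && email.indexOf("@") != -1;
	if (emailOk) {
		var domain = email.split("@")[1];
		emailOk = domain.length != 0 &&
			domain.indexOf(".") != -1 &&
			domain.split(".")[1].length != 0;
	}
	if (!emailOk) {
		alert("Email không hợp lệ!");
		frm.email.focus();
		return false;
	}

	return blnValid;
}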
</script>


</head>

<body>

<%

	'NOTE(review): the administrator check below is commented out, so nothing in this
	'file restricts who may reach the insert further down. Confirm that access is
	'enforced elsewhere (for example in header.asp) or restore the check.
	'If (IsSysAdmin() = false) then
	'	Response.Write(vbCrLf & "<script language=""JavaScript"">")
	'	Response.Write(vbCrLf & "alert('Ê ku, không phải admin sao lại vào đây?')")
	'	Response.Write(vbCrLf & "window.location = 'login.asp'")
	'	Response.Write(vbCrLf & "</script>")
	'End If

'Values read from the posted form; each one feeds a column of the NHANSU insert.
Dim usr, pwd, fullname, email
Dim phone, add
'level comes from the Level drop-down; active is 0 or 1 from the Active checkbox.
Dim level, active


'Strip special characters from form input that would otherwise break the SQL statement
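'Returns s with every apostrophe (') removed.
'
'The earlier version went on to replace "#'" and ";'", but neither sequence can exist
'once all apostrophes are gone, so "#" and ";" were never stripped. Those two calls are
'dropped here; the returned value is unchanged.
'The argument is now taken ByVal so a variable passed by a caller is not modified.
'
'Removing apostrophes is not a defence against SQL injection: values that reach a query
'should be bound as command parameters rather than concatenated into the SQL text.
Function fixL(ByVal s)
	fixL = Replace(s, "'", "")
End Function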

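'Read the posted form fields and, when act=save, insert one row into NHANSU.
'
'NOTE(review): the IsSysAdmin() check at the top of this script is commented out, so
'nothing in this file restricts who may create staff accounts (Level 1 is Admin in the
'form below). Confirm access is enforced elsewhere or restore the check.
'NOTE(review): no anti-forgery token is checked before the insert.

Dim blnInputOk
Dim cmdAddStaff

'Appends one text input parameter to cmd. The value travels to the provider as data,
'so quotes or other SQL syntax inside it cannot alter the statement.
Sub AppendTextParam(cmd, strName, varValue)
	Dim strValue, lngSize
	strValue = varValue & ""
	'Variable-length parameters need a size of at least 1, even for an empty string.
	lngSize = Len(strValue)
	If lngSize < 1 Then lngSize = 1
	'202 = adVarWChar, 1 = adParamInput
	cmd.Parameters.Append cmd.CreateParameter(strName, 202, 1, lngSize, strValue)
End Sub

usr = Trim(Mid(Request.Form("usr"), 1, 20))
'NOTE(review): the password is lower-cased and cut to 15 characters before hashing, which
'shrinks the password space. Left as is because the page that verifies logins presumably
'applies the same transform - confirm before changing.
pwd = LCase(Trim(Mid(Request.Form("pwd"), 1, 15)))
'fixL is kept so stored values have the same shape as before; it is not what protects
'the query - the parameter binding below is.
fullname = fixL(Request.Form("fullname"))
email = fixL(Request.Form("email"))
phone = fixL(Request.Form("phone"))
add = fixL(Request.Form("add"))
level = fixL(Request.Form("level"))

active = 0
If Request.Form("active") = "1" Then
	active = 1
End If

'Repeat the required-field rules on the server: the browser-side check can be bypassed
'by posting directly. level must be one of the values offered by the form.
blnInputOk = (usr <> "" And pwd <> "" And fullname <> "" And email <> "" And phone <> "" And add <> "")
If Not (level = "1" Or level = "2" Or level = "3" Or level = "4") Then
	blnInputOk = False
End If

'HashEncode is not defined in this file (presumably includes/hash1way.asp).
'NOTE(review): confirm it is a salted, deliberately slow password hash.
pwd = HashEncode(pwd)

If Request("act") = "save" Then

	If Not blnInputOk Then
		Session("Message") = "Dữ liệu không hợp lệ"
	Else
		'Every value is bound as a parameter instead of being concatenated into the SQL
		'text. Before this change usr was placed in the statement without any filtering.
		strSQL = "INSERT INTO NHANSU (Usr, Pwd, FullName, Email, Phone, Address, Level, Creator, IP_Creator, DateCreated, Active) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"

		Set cmdAddStaff = Server.CreateObject("ADODB.Command")
		'assumes adoCon is the open ADODB connection from the includes - it is not defined here
		Set cmdAddStaff.ActiveConnection = adoCon
		cmdAddStaff.CommandText = strSQL
		cmdAddStaff.CommandType = 1 '1 = adCmdText

		'Parameters are positional: the order must match the column list above.
		'Values the old statement sent as quoted literals stay text; Active stays numeric.
		AppendTextParam cmdAddStaff, "usr", usr
		AppendTextParam cmdAddStaff, "pwd", pwd
		AppendTextParam cmdAddStaff, "fullname", fullname
		AppendTextParam cmdAddStaff, "email", email
		AppendTextParam cmdAddStaff, "phone", phone
		AppendTextParam cmdAddStaff, "address", add
		AppendTextParam cmdAddStaff, "level", level
		AppendTextParam cmdAddStaff, "creator", Session("StaffID")
		AppendTextParam cmdAddStaff, "ip_creator", Request.ServerVariables("REMOTE_ADDR")
		AppendTextParam cmdAddStaff, "datecreated", CStr(Now())
		'3 = adInteger, 1 = adParamInput
		cmdAddStaff.Parameters.Append cmdAddStaff.CreateParameter("active", 3, 1, , active)

		'129 = adCmdText (1) + adExecuteNoRecords (128): no recordset is needed for an INSERT
		cmdAddStaff.Execute , , 129
		Set cmdAddStaff = Nothing

		Session("Message") = "Thêm thành công"
	End If

End If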

%>

<p><span class="aspmaker">Add to TABLE: NHANSU<br><br><a href="staff_list.asp">Back to List</a></span></p>
<form name="frmReg" onsubmit="return CheckfrmReg();" method="post" action="staff_add.asp?act=save">

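<%
'Show the one-time status message left in the session, then clear it.
'The value is HTML-encoded on output because any page sharing this session can set it;
'a page that needs markup in the message should build that markup here, not store it.
If Session("Message") <> "" Then
%>
<p><span class="ewmsg"><%= Server.HTMLEncode(Session("Message")) %></span></p>
<%
	Session("Message") = "" ' Clear message
End If
%>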

<p>
<table class="ewTable">
		
	<tr id="r_Username">
		<td class="ewTableHeader"><span>Username</span></td>
		<td class="ewTableAltRow"><span>
		<input name="usr" type="text" size="30" onkeyup="showHint(this.value)" autocomplete="off">* <span id="txtHint"></span>
		</span></td>
	</tr>
	
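	<tr id="r_Password">
		<!-- type="password" masks the value on screen; the field was a plain text box before -->
		<td class="ewTableHeader"><span>Password</span></td>
		<td class="ewTableAltRow"><span>
		<input name="pwd" type="password" size="30">*
		</span></td>
	</tr>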
	
	<tr id="r_FullName">
		<td class="ewTableHeader"><span>Full Name</span></td>
		<td class="ewTableAltRow"><span>
		<input name="fullname" type="text" size="30">*
		</span></td>
	</tr>
	
	<tr id="r_Email">
		<td class="ewTableHeader"><span>Email</span></td>
		<td class="ewTableAltRow"><span>
		<input name="email" type="text" size="30">*
		</span></td>
	</tr>
	
	<tr id="r_Phone">
		<td class="ewTableHeader"><span>Phone</span></td>
		<td class="ewTableAltRow"><span>
		<input name="phone" type="text" size="30">*
		</span></td>
	</tr>
	
	<tr id="r_Address">
		<td class="ewTableHeader"><span>Address</span></td>
		<td class="ewTableAltRow"><span>
		<input name="add" type="text" size="30">*
		</span></td>
	</tr>
	
	<tr id="r_Level">
		<td class="ewTableHeader"><span>Level</span></td>
		<td class="ewTableAltRow"><span>
		<select size="1" name="level" style="font-family: Arial; font-size: 8pt;">
			<option value="1">Admin</option>
			<option value="2">Manager</option>
			<option value="3">Leader</option>
			<option value="4">User</option>
		</select>*
		</span></td>
	</tr>
	
	<tr id="r_Active">
		<td class="ewTableHeader"><span>Active</span></td>
		<td class="ewTableAltRow"><span>
		<input name="active" type="checkbox" value="1">
		</span></td>
	</tr>
	
</table>
<p><span class="ewmsg">Những ô có dấu * là thông tin bắt buộc</span></p>
<p>
<input name="submit" type="submit" value="Thêm nhân viên">
</form>


<!--#include file="footer.asp"-->